onboarding.athelas.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r.athelas.com/onboarding/QQkg8Bx3r4QQi7eU8
Effective URL:
https://onboarding.athelas.com/patient_pay?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZmlyc3RfbmFtZSI6IktSS...
Submission: On May 07 via manual (May 7th 2024, 4:11:54 pm UTC) from US — Scanned from DE

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 32 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is onboarding.athelas.com.
TLS certificate: Issued by E1 on April 13th 2024. Valid for: 3 months.

This is the only time onboarding.athelas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
6	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
8	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	35.190.40.38 35.190.40.38	15169 (GOOGLE) (GOOGLE)
1	18.245.46.115 18.245.46.115	16509 (AMAZON-02) (AMAZON-02)
2	34.110.230.65 34.110.230.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
3	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
32	15

1 199.36.158.100 (United States) 1 redirects

ASN54113 (FASTLY, US)

r.athelas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

onboarding.athelas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.190.35.bc.googleusercontent.com

api.athelas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-115.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.110.230.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.230.110.34.bc.googleusercontent.com

rcm-api.athelas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

athelas.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o4504923185020928.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	athelas.com 1 redirects r.athelas.com onboarding.athelas.com api.athelas.com rcm-api.athelas.com	1 MB
9	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2248 ekr.zdassets.com — Cisco Umbrella Rank: 2556	222 KB
3	zendesk.com athelas.zendesk.com	1 KB
3	stripe.com js.stripe.com — Cisco Umbrella Rank: 1088	148 KB
1	sentry.io o4504923185020928.ingest.sentry.io	348 B
1	gstatic.com fonts.gstatic.com	24 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	258 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	96 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	26 KB
32	10

	Domain	Requested by
8	static.zdassets.com	onboarding.athelas.com static.zdassets.com
6	onboarding.athelas.com	onboarding.athelas.com
3	athelas.zendesk.com	static.zdassets.com
3	js.stripe.com	onboarding.athelas.com js.stripe.com
2	rcm-api.athelas.com	onboarding.athelas.com
2	api.athelas.com	onboarding.athelas.com
1	o4504923185020928.ingest.sentry.io	onboarding.athelas.com
1	fonts.gstatic.com	fonts.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ekr.zdassets.com	static.zdassets.com
1	fonts.googleapis.com	onboarding.athelas.com
1	www.googletagmanager.com	onboarding.athelas.com
1	cdn.jsdelivr.net	onboarding.athelas.com
1	r.athelas.com	1 redirects
32	14

This site contains no links.

Subject Issuer	Validity	Valid
onboarding.athelas.com E1	`2024-04-13` - `2024-07-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
zdassets.com E1	`2024-05-01` - `2024-07-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
api.athelas.com GTS CA 1D4	`2024-04-12` - `2024-07-11`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-03-27` - `2024-06-27`	3 months	crt.sh
rcm-api.athelas.com GTS CA 1D4	`2024-04-15` - `2024-07-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
athelas.zendesk.com Cloudflare Inc ECC CA-3	`2023-09-08` - `2024-09-07`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://onboarding.athelas.com/patient_pay?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZmlyc3RfbmFtZSI6IktSSVNUQSIsImxhc3RfbmFtZSI6IkJPRFJFUk8iLCJzaXRlX2xvZ29fdXJsIjoiaHR0cHM6Ly9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL25vcm1hbmR5X3NpdGVfbG9nb3MvbG9nb3MvLTEvcGF0aWVudF9wYXlfbG9nby5qcGciLCJzaXRlX25hbWUiOiJDYWNoZSBWYWxsZXkgV29tZW5zIENlbnRlciIsInNpdGVfaWQiOjI2NSwicGF0aWVudF9yZXNwb25zaWJpbGl0eV9pZHMiOlszOTk3MDgsNDQ4MzM3LDUwMzYyOCw2NjcwOTNdLCJhbW91bnRfZHVlX2NlbnRzIjoxODAwMCwiYXBwbHlfY3JlZGl0cyI6ZmFsc2UsImFwcGx5X2ZlZXMiOnRydWUsImJhdGNoX2lkIjoiYXV0b19zZW5kX2JhdGNoXzU2MTQ5MzA4LWJkZWItNDM2NC05YjMyLWJkZDI2MjFkOWY0MSIsImRlcGVuZGVudF9wYXRpZW50cyI6bnVsbCwibm90ZV9pZCI6bnVsbCwiZ2lmdF9jYXJkX2lkIjpudWxsLCJjcmVkaXRzX2Rpc3RyaWJ1dGlvbiI6bnVsbH0.MU8PLOVksA8MyjjLupq7HQBVK0n7FsQskQXpD29SJ62wybR9CK7niTem1CfFhh7DsMcwl8oFNc2aEBpMhi_TiEzk3eTRRwCybpvD18TriUYyy7WkyoYujr39uwJ5kpmoVz64R8WO6rGvUQ3eDYjSYjUrWNHVSK2CqrmY4Vo5dlA5pj91JC1gOUZx_oulO6pfOnoZYfIehBPTBUHvHEkdRuwaE0ca-cwaoWjRS1__pqV0OfYDGPsK-UHDwJxPzzWZZwwD9Jb1yMok0n6USthoC3zacDpaf9vpTYK-i95Jz6j-D_NBWu0T9wmie3hByvOyzg7-3ISXG6t3cU79ObjzvV2Z8UPAgGlbNTxpdprt-7VfoYUjvsl_8S_crJJanjfFa5tgtCF5sCa80zBnR_wlqq6fHbynUK5xIX5Bo7aaVlHZtLfC5GaTd_GzU_mi9JQ0V_64s0CRmyML2rXAevY87OD5MiBmHlVwQOdOwT1u5VC9_SWA7avp2Rm0Zd2RyM0BBlBoOKUts-JDNp1ONXUZ4321NSjDukiL6hVJTnX4R5f4TCF1RRTBH_GzXuaKnLsMTNqT3V-POdfkd2rEXGr4paw6UqXrjLS9AqyYsPnJXPGljYAeIWzH1Pe5dywnYuFKolU3gOhop1mc30dSNKXp3-TKxcl5ne4B2aAtqA93JhE
Frame ID: 07B35DA76083B8E62593232F425C0B98
Requests: 18 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-2c036c6.js
Frame ID: 07469D9B7F70CB901633A78226E21164
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-d5d04e12b590b912b9e630496bb99ce3.html
Frame ID: 445F8531F2C7880A96DCFEE958AEB445
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 973B4DD90A1C568A553E6A5A3862225E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Athelas Onboarding

Page URL History Show full URLs

https://r.athelas.com/onboarding/QQkg8Bx3r4QQi7eU8 HTTP 302
https://onboarding.athelas.com/patient_pay?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZ... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

32
Requests

97 %
HTTPS

40 %
IPv6

10
Domains

14
Subdomains

15
IPs

3
Countries

1734 kB
Transfer

6113 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r.athelas.com/onboarding/QQkg8Bx3r4QQi7eU8 HTTP 302
https://onboarding.athelas.com/patient_pay?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZmlyc3RfbmFtZSI6IktSSVNUQSIsImxhc3RfbmFtZSI6IkJPRFJFUk8iLCJzaXRlX2xvZ29fdXJsIjoiaHR0cHM6Ly9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL25vcm1hbmR5X3NpdGVfbG9nb3MvbG9nb3MvLTEvcGF0aWVudF9wYXlfbG9nby5qcGciLCJzaXRlX25hbWUiOiJDYWNoZSBWYWxsZXkgV29tZW5zIENlbnRlciIsInNpdGVfaWQiOjI2NSwicGF0aWVudF9yZXNwb25zaWJpbGl0eV9pZHMiOlszOTk3MDgsNDQ4MzM3LDUwMzYyOCw2NjcwOTNdLCJhbW91bnRfZHVlX2NlbnRzIjoxODAwMCwiYXBwbHlfY3JlZGl0cyI6ZmFsc2UsImFwcGx5X2ZlZXMiOnRydWUsImJhdGNoX2lkIjoiYXV0b19zZW5kX2JhdGNoXzU2MTQ5MzA4LWJkZWItNDM2NC05YjMyLWJkZDI2MjFkOWY0MSIsImRlcGVuZGVudF9wYXRpZW50cyI6bnVsbCwibm90ZV9pZCI6bnVsbCwiZ2lmdF9jYXJkX2lkIjpudWxsLCJjcmVkaXRzX2Rpc3RyaWJ1dGlvbiI6bnVsbH0.MU8PLOVksA8MyjjLupq7HQBVK0n7FsQskQXpD29SJ62wybR9CK7niTem1CfFhh7DsMcwl8oFNc2aEBpMhi_TiEzk3eTRRwCybpvD18TriUYyy7WkyoYujr39uwJ5kpmoVz64R8WO6rGvUQ3eDYjSYjUrWNHVSK2CqrmY4Vo5dlA5pj91JC1gOUZx_oulO6pfOnoZYfIehBPTBUHvHEkdRuwaE0ca-cwaoWjRS1__pqV0OfYDGPsK-UHDwJxPzzWZZwwD9Jb1yMok0n6USthoC3zacDpaf9vpTYK-i95Jz6j-D_NBWu0T9wmie3hByvOyzg7-3ISXG6t3cU79ObjzvV2Z8UPAgGlbNTxpdprt-7VfoYUjvsl_8S_crJJanjfFa5tgtCF5sCa80zBnR_wlqq6fHbynUK5xIX5Bo7aaVlHZtLfC5GaTd_GzU_mi9JQ0V_64s0CRmyML2rXAevY87OD5MiBmHlVwQOdOwT1u5VC9_SWA7avp2Rm0Zd2RyM0BBlBoOKUts-JDNp1ONXUZ4321NSjDukiL6hVJTnX4R5f4TCF1RRTBH_GzXuaKnLsMTNqT3V-POdfkd2rEXGr4paw6UqXrjLS9AqyYsPnJXPGljYAeIWzH1Pe5dywnYuFKolU3gOhop1mc30dSNKXp3-TKxcl5ne4B2aAtqA93JhE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request patient_pay Show response
onboarding.athelas.com/
Redirect Chain

https://r.athelas.com/onboarding/QQkg8Bx3r4QQi7eU8
https://onboarding.athelas.com/patient_pay?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZmlyc3RfbmFtZSI6IktSSVNUQSIsImxhc3RfbmFtZSI6IkJPRFJFUk8iLCJzaXRlX2xvZ29fdXJsIjoiaHR0cHM6Ly9...

4 KB
3 KB

238ms
132ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.athelas.com/patient_pay?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZmlyc3RfbmFtZSI6IktSSVNUQSIsImxhc3RfbmFtZSI6IkJPRFJFUk8iLCJzaXRlX2xvZ29fdXJsIjoiaHR0cHM6Ly9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL25vcm1hbmR5X3NpdGVfbG9nb3MvbG9nb3MvLTEvcGF0aWVudF9wYXlfbG9nby5qcGciLCJzaXRlX25hbWUiOiJDYWNoZSBWYWxsZXkgV29tZW5zIENlbnRlciIsInNpdGVfaWQiOjI2NSwicGF0aWVudF9yZXNwb25zaWJpbGl0eV9pZHMiOlszOTk3MDgsNDQ4MzM3LDUwMzYyOCw2NjcwOTNdLCJhbW91bnRfZHVlX2NlbnRzIjoxODAwMCwiYXBwbHlfY3JlZGl0cyI6ZmFsc2UsImFwcGx5X2ZlZXMiOnRydWUsImJhdGNoX2lkIjoiYXV0b19zZW5kX2JhdGNoXzU2MTQ5MzA4LWJkZWItNDM2NC05YjMyLWJkZDI2MjFkOWY0MSIsImRlcGVuZGVudF9wYXRpZW50cyI6bnVsbCwibm90ZV9pZCI6bnVsbCwiZ2lmdF9jYXJkX2lkIjpudWxsLCJjcmVkaXRzX2Rpc3RyaWJ1dGlvbiI6bnVsbH0.MU8PLOVksA8MyjjLupq7HQBVK0n7FsQskQXpD29SJ62wybR9CK7niTem1CfFhh7DsMcwl8oFNc2aEBpMhi_TiEzk3eTRRwCybpvD18TriUYyy7WkyoYujr39uwJ5kpmoVz64R8WO6rGvUQ3eDYjSYjUrWNHVSK2CqrmY4Vo5dlA5pj91JC1gOUZx_oulO6pfOnoZYfIehBPTBUHvHEkdRuwaE0ca-cwaoWjRS1__pqV0OfYDGPsK-UHDwJxPzzWZZwwD9Jb1yMok0n6USthoC3zacDpaf9vpTYK-i95Jz6j-D_NBWu0T9wmie3hByvOyzg7-3ISXG6t3cU79ObjzvV2Z8UPAgGlbNTxpdprt-7VfoYUjvsl_8S_crJJanjfFa5tgtCF5sCa80zBnR_wlqq6fHbynUK5xIX5Bo7aaVlHZtLfC5GaTd_GzU_mi9JQ0V_64s0CRmyML2rXAevY87OD5MiBmHlVwQOdOwT1u5VC9_SWA7avp2Rm0Zd2RyM0BBlBoOKUts-JDNp1ONXUZ4321NSjDukiL6hVJTnX4R5f4TCF1RRTBH_GzXuaKnLsMTNqT3V-POdfkd2rEXGr4paw6UqXrjLS9AqyYsPnJXPGljYAeIWzH1Pe5dywnYuFKolU3gOhop1mc30dSNKXp3-TKxcl5ne4B2aAtqA93JhE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4aa1eb8c2cdb1b0188ed4b82440f757e5d9a11ef0aecdfd9956998653a6b0a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 88027cf04f890857-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 16:11:49 GMT
etag: W/"e89c72f0c62816e980d07e0a542f7228"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EycPmwrMyLHgFlZn64p%2BdfBYcr9VbWDxTS4256IOVIUHqZQM9tUO1m8QYHFD0Try9r%2Bbl0FPkJnmHeVbgl5yaZGv3VUlK%2BO%2Fn9gh3rvmWEa6xxtgwfnzIajY%2BJDJPhdrg2cQq%2BMWrgkeLTgtQYkh7yclghqo"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: script-src 'report-sample' 'nonce-DJV1n2K7neqhqVa4UeePEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist,require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
content-type: application/binary
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: same-site
date: Tue, 07 May 2024 16:11:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://onboarding.athelas.com/patient_pay?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZmlyc3RfbmFtZSI6IktSSVNUQSIsImxhc3RfbmFtZSI6IkJPRFJFUk8iLCJzaXRlX2xvZ29fdXJsIjoiaHR0cHM6Ly9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL25vcm1hbmR5X3NpdGVfbG9nb3MvbG9nb3MvLTEvcGF0aWVudF9wYXlfbG9nby5qcGciLCJzaXRlX25hbWUiOiJDYWNoZSBWYWxsZXkgV29tZW5zIENlbnRlciIsInNpdGVfaWQiOjI2NSwicGF0aWVudF9yZXNwb25zaWJpbGl0eV9pZHMiOlszOTk3MDgsNDQ4MzM3LDUwMzYyOCw2NjcwOTNdLCJhbW91bnRfZHVlX2NlbnRzIjoxODAwMCwiYXBwbHlfY3JlZGl0cyI6ZmFsc2UsImFwcGx5X2ZlZXMiOnRydWUsImJhdGNoX2lkIjoiYXV0b19zZW5kX2JhdGNoXzU2MTQ5MzA4LWJkZWItNDM2NC05YjMyLWJkZDI2MjFkOWY0MSIsImRlcGVuZGVudF9wYXRpZW50cyI6bnVsbCwibm90ZV9pZCI6bnVsbCwiZ2lmdF9jYXJkX2lkIjpudWxsLCJjcmVkaXRzX2Rpc3RyaWJ1dGlvbiI6bnVsbH0.MU8PLOVksA8MyjjLupq7HQBVK0n7FsQskQXpD29SJ62wybR9CK7niTem1CfFhh7DsMcwl8oFNc2aEBpMhi_TiEzk3eTRRwCybpvD18TriUYyy7WkyoYujr39uwJ5kpmoVz64R8WO6rGvUQ3eDYjSYjUrWNHVSK2CqrmY4Vo5dlA5pj91JC1gOUZx_oulO6pfOnoZYfIehBPTBUHvHEkdRuwaE0ca-cwaoWjRS1__pqV0OfYDGPsK-UHDwJxPzzWZZwwD9Jb1yMok0n6USthoC3zacDpaf9vpTYK-i95Jz6j-D_NBWu0T9wmie3hByvOyzg7-3ISXG6t3cU79ObjzvV2Z8UPAgGlbNTxpdprt-7VfoYUjvsl_8S_crJJanjfFa5tgtCF5sCa80zBnR_wlqq6fHbynUK5xIX5Bo7aaVlHZtLfC5GaTd_GzU_mi9JQ0V_64s0CRmyML2rXAevY87OD5MiBmHlVwQOdOwT1u5VC9_SWA7avp2Rm0Zd2RyM0BBlBoOKUts-JDNp1ONXUZ4321NSjDukiL6hVJTnX4R5f4TCF1RRTBH_GzXuaKnLsMTNqT3V-POdfkd2rEXGr4paw6UqXrjLS9AqyYsPnJXPGljYAeIWzH1Pe5dywnYuFKolU3gOhop1mc30dSNKXp3-TKxcl5ne4B2aAtqA93JhE
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230051-FRA
x-timer: S1715098309.838886,VS0,VE193

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
26 KB 99ms
36ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

Requested by

Host: onboarding.athelas.com
URL: https://onboarding.athelas.com/patient_pay?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZmlyc3RfbmFtZSI6IktSSVNUQSIsImxhc3RfbmFtZSI6IkJPRFJFUk8iLCJzaXRlX2xvZ29fdXJsIjoiaHR0cHM6Ly9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL25vcm1hbmR5X3NpdGVfbG9nb3MvbG9nb3MvLTEvcGF0aWVudF9wYXlfbG9nby5qcGciLCJzaXRlX25hbWUiOiJDYWNoZSBWYWxsZXkgV29tZW5zIENlbnRlciIsInNpdGVfaWQiOjI2NSwicGF0aWVudF9yZXNwb25zaWJpbGl0eV9pZHMiOlszOTk3MDgsNDQ4MzM3LDUwMzYyOCw2NjcwOTNdLCJhbW91bnRfZHVlX2NlbnRzIjoxODAwMCwiYXBwbHlfY3JlZGl0cyI6ZmFsc2UsImFwcGx5X2ZlZXMiOnRydWUsImJhdGNoX2lkIjoiYXV0b19zZW5kX2JhdGNoXzU2MTQ5MzA4LWJkZWItNDM2NC05YjMyLWJkZDI2MjFkOWY0MSIsImRlcGVuZGVudF9wYXRpZW50cyI6bnVsbCwibm90ZV9pZCI6bnVsbCwiZ2lmdF9jYXJkX2lkIjpudWxsLCJjcmVkaXRzX2Rpc3RyaWJ1dGlvbiI6bnVsbH0.MU8PLOVksA8MyjjLupq7HQBVK0n7FsQskQXpD29SJ62wybR9CK7niTem1CfFhh7DsMcwl8oFNc2aEBpMhi_TiEzk3eTRRwCybpvD18TriUYyy7WkyoYujr39uwJ5kpmoVz64R8WO6rGvUQ3eDYjSYjUrWNHVSK2CqrmY4Vo5dlA5pj91JC1gOUZx_oulO6pfOnoZYfIehBPTBUHvHEkdRuwaE0ca-cwaoWjRS1__pqV0OfYDGPsK-UHDwJxPzzWZZwwD9Jb1yMok0n6USthoC3zacDpaf9vpTYK-i95Jz6j-D_NBWu0T9wmie3hByvOyzg7-3ISXG6t3cU79ObjzvV2Z8UPAgGlbNTxpdprt-7VfoYUjvsl_8S_crJJanjfFa5tgtCF5sCa80zBnR_wlqq6fHbynUK5xIX5Bo7aaVlHZtLfC5GaTd_GzU_mi9JQ0V_64s0CRmyML2rXAevY87OD5MiBmHlVwQOdOwT1u5VC9_SWA7avp2Rm0Zd2RyM0BBlBoOKUts-JDNp1ONXUZ4321NSjDukiL6hVJTnX4R5f4TCF1RRTBH_GzXuaKnLsMTNqT3V-POdfkd2rEXGr4paw6UqXrjLS9AqyYsPnJXPGljYAeIWzH1Pe5dywnYuFKolU3gOhop1mc30dSNKXp3-TKxcl5ne4B2aAtqA93JhE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://onboarding.athelas.com/
Origin: https://onboarding.athelas.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 May 2024 16:11:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1858052
x-jsd-version: 5.1.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26333
x-served-by: cache-fra-etou8220120-FRA
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
96 KB 117ms
55ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JPYRSMV841

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8961d3ea9549719851a7ecbf62e4a9c8e8f726f7a0dfbd2b8cacd7bdf63cc56f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://onboarding.athelas.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98018
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 May 2024 16:11:49 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 101ms
40ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=e4d7ac7f-16a9-46fa-8a97-ba47d7a7e154

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://onboarding.athelas.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:49 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 16EJPM9K30XP37FF
age: 20
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: z1V/NuijnK7Md6R8xho26aVzAi5YWZpIy2l2KX04qLLf562XDGukX+pnpGWp4oLzz96OIYLMddM=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=59zTBPLtc5nrgBtfQC5jNXQggAffM9nOGzM8NFRO9qtKA7lc4S2lz4CH5%2FU%2F0LzlLerz2CP9PsaqJoiyi25AW%2FFQwD1wP%2BUklg0HyrvXf%2FQG228ijdnr3%2BA%2F%2FkEVbnu2VZlQxpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 88027cf3695c19ad-FRA
access-control-allow-headers: *

GET
H3 200 2.0a9ec390.chunk.css
onboarding.athelas.com/static/css/ 163 KB
26 KB 72ms
71ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.athelas.com/static/css/2.0a9ec390.chunk.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

031dc46051a59b7531591cc6517ef768dd4dfba26c6164b8b2ab0a5c3763ee7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://onboarding.athelas.com/patient_pay?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZmlyc3RfbmFtZSI6IktSSVNUQSIsImxhc3RfbmFtZSI6IkJPRFJFUk8iLCJzaXRlX2xvZ29fdXJsIjoiaHR0cHM6Ly9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL25vcm1hbmR5X3NpdGVfbG9nb3MvbG9nb3MvLTEvcGF0aWVudF9wYXlfbG9nby5qcGciLCJzaXRlX25hbWUiOiJDYWNoZSBWYWxsZXkgV29tZW5zIENlbnRlciIsInNpdGVfaWQiOjI2NSwicGF0aWVudF9yZXNwb25zaWJpbGl0eV9pZHMiOlszOTk3MDgsNDQ4MzM3LDUwMzYyOCw2NjcwOTNdLCJhbW91bnRfZHVlX2NlbnRzIjoxODAwMCwiYXBwbHlfY3JlZGl0cyI6ZmFsc2UsImFwcGx5X2ZlZXMiOnRydWUsImJhdGNoX2lkIjoiYXV0b19zZW5kX2JhdGNoXzU2MTQ5MzA4LWJkZWItNDM2NC05YjMyLWJkZDI2MjFkOWY0MSIsImRlcGVuZGVudF9wYXRpZW50cyI6bnVsbCwibm90ZV9pZCI6bnVsbCwiZ2lmdF9jYXJkX2lkIjpudWxsLCJjcmVkaXRzX2Rpc3RyaWJ1dGlvbiI6bnVsbH0.MU8PLOVksA8MyjjLupq7HQBVK0n7FsQskQXpD29SJ62wybR9CK7niTem1CfFhh7DsMcwl8oFNc2aEBpMhi_TiEzk3eTRRwCybpvD18TriUYyy7WkyoYujr39uwJ5kpmoVz64R8WO6rGvUQ3eDYjSYjUrWNHVSK2CqrmY4Vo5dlA5pj91JC1gOUZx_oulO6pfOnoZYfIehBPTBUHvHEkdRuwaE0ca-cwaoWjRS1__pqV0OfYDGPsK-UHDwJxPzzWZZwwD9Jb1yMok0n6USthoC3zacDpaf9vpTYK-i95Jz6j-D_NBWu0T9wmie3hByvOyzg7-3ISXG6t3cU79ObjzvV2Z8UPAgGlbNTxpdprt-7VfoYUjvsl_8S_crJJanjfFa5tgtCF5sCa80zBnR_wlqq6fHbynUK5xIX5Bo7aaVlHZtLfC5GaTd_GzU_mi9JQ0V_64s0CRmyML2rXAevY87OD5MiBmHlVwQOdOwT1u5VC9_SWA7avp2Rm0Zd2RyM0BBlBoOKUts-JDNp1ONXUZ4321NSjDukiL6hVJTnX4R5f4TCF1RRTBH_GzXuaKnLsMTNqT3V-POdfkd2rEXGr4paw6UqXrjLS9AqyYsPnJXPGljYAeIWzH1Pe5dywnYuFKolU3gOhop1mc30dSNKXp3-TKxcl5ne4B2aAtqA93JhE
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:49 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"18579cff44b8c716f87e858935363049"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eq7crIhnJNN64t9BWCQCsgz6DS450qphfKTZIwE2%2B7IgWd%2FqTyc4iIaMv1KLDAyJM5DFqv1ujf62xC%2B2ZtyNZnyzxgcdfxaRnlmwnSy44%2B6fBCTEY9FsZC0HEbMqmZK5Qb5Lat016LRK691tPliyUART498e"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 88027cf30ac60857-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.bc019796.chunk.css
onboarding.athelas.com/static/css/ 24 KB
6 KB 107ms
106ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.athelas.com/static/css/main.bc019796.chunk.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ebdbd7a88a711a43fc51d48d4317580124b490a824c4a217d8ec5500b9569d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://onboarding.athelas.com/patient_pay?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZmlyc3RfbmFtZSI6IktSSVNUQSIsImxhc3RfbmFtZSI6IkJPRFJFUk8iLCJzaXRlX2xvZ29fdXJsIjoiaHR0cHM6Ly9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL25vcm1hbmR5X3NpdGVfbG9nb3MvbG9nb3MvLTEvcGF0aWVudF9wYXlfbG9nby5qcGciLCJzaXRlX25hbWUiOiJDYWNoZSBWYWxsZXkgV29tZW5zIENlbnRlciIsInNpdGVfaWQiOjI2NSwicGF0aWVudF9yZXNwb25zaWJpbGl0eV9pZHMiOlszOTk3MDgsNDQ4MzM3LDUwMzYyOCw2NjcwOTNdLCJhbW91bnRfZHVlX2NlbnRzIjoxODAwMCwiYXBwbHlfY3JlZGl0cyI6ZmFsc2UsImFwcGx5X2ZlZXMiOnRydWUsImJhdGNoX2lkIjoiYXV0b19zZW5kX2JhdGNoXzU2MTQ5MzA4LWJkZWItNDM2NC05YjMyLWJkZDI2MjFkOWY0MSIsImRlcGVuZGVudF9wYXRpZW50cyI6bnVsbCwibm90ZV9pZCI6bnVsbCwiZ2lmdF9jYXJkX2lkIjpudWxsLCJjcmVkaXRzX2Rpc3RyaWJ1dGlvbiI6bnVsbH0.MU8PLOVksA8MyjjLupq7HQBVK0n7FsQskQXpD29SJ62wybR9CK7niTem1CfFhh7DsMcwl8oFNc2aEBpMhi_TiEzk3eTRRwCybpvD18TriUYyy7WkyoYujr39uwJ5kpmoVz64R8WO6rGvUQ3eDYjSYjUrWNHVSK2CqrmY4Vo5dlA5pj91JC1gOUZx_oulO6pfOnoZYfIehBPTBUHvHEkdRuwaE0ca-cwaoWjRS1__pqV0OfYDGPsK-UHDwJxPzzWZZwwD9Jb1yMok0n6USthoC3zacDpaf9vpTYK-i95Jz6j-D_NBWu0T9wmie3hByvOyzg7-3ISXG6t3cU79ObjzvV2Z8UPAgGlbNTxpdprt-7VfoYUjvsl_8S_crJJanjfFa5tgtCF5sCa80zBnR_wlqq6fHbynUK5xIX5Bo7aaVlHZtLfC5GaTd_GzU_mi9JQ0V_64s0CRmyML2rXAevY87OD5MiBmHlVwQOdOwT1u5VC9_SWA7avp2Rm0Zd2RyM0BBlBoOKUts-JDNp1ONXUZ4321NSjDukiL6hVJTnX4R5f4TCF1RRTBH_GzXuaKnLsMTNqT3V-POdfkd2rEXGr4paw6UqXrjLS9AqyYsPnJXPGljYAeIWzH1Pe5dywnYuFKolU3gOhop1mc30dSNKXp3-TKxcl5ne4B2aAtqA93JhE
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:49 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"433b6b06158c3b1b55ff9d7dd28a9ee3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wq8KWjDpuNHDPPQkdN6l%2F9YwbOHpxB1VYvzt3xHKvloMYwvtrSLPSKwowXRP3oYIOKQQAAM82m3ftKcp8oeIMpQCOVldkCR9FHvdfGbuboEc11%2BamcNeufujbYEU93M5PNjUi%2BCaKX20NLcoiUD%2B2iErxwnD"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 88027cf30acb0857-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 2.7a2b627c.chunk.js Show response
onboarding.athelas.com/static/js/ 3 MB
970 KB 122ms
121ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.athelas.com/static/js/2.7a2b627c.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

049ca1cf123757148bd46b076bbd2a133bea348c6a357c5955e6682c1c2fa959

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://onboarding.athelas.com/patient_pay?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZmlyc3RfbmFtZSI6IktSSVNUQSIsImxhc3RfbmFtZSI6IkJPRFJFUk8iLCJzaXRlX2xvZ29fdXJsIjoiaHR0cHM6Ly9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL25vcm1hbmR5X3NpdGVfbG9nb3MvbG9nb3MvLTEvcGF0aWVudF9wYXlfbG9nby5qcGciLCJzaXRlX25hbWUiOiJDYWNoZSBWYWxsZXkgV29tZW5zIENlbnRlciIsInNpdGVfaWQiOjI2NSwicGF0aWVudF9yZXNwb25zaWJpbGl0eV9pZHMiOlszOTk3MDgsNDQ4MzM3LDUwMzYyOCw2NjcwOTNdLCJhbW91bnRfZHVlX2NlbnRzIjoxODAwMCwiYXBwbHlfY3JlZGl0cyI6ZmFsc2UsImFwcGx5X2ZlZXMiOnRydWUsImJhdGNoX2lkIjoiYXV0b19zZW5kX2JhdGNoXzU2MTQ5MzA4LWJkZWItNDM2NC05YjMyLWJkZDI2MjFkOWY0MSIsImRlcGVuZGVudF9wYXRpZW50cyI6bnVsbCwibm90ZV9pZCI6bnVsbCwiZ2lmdF9jYXJkX2lkIjpudWxsLCJjcmVkaXRzX2Rpc3RyaWJ1dGlvbiI6bnVsbH0.MU8PLOVksA8MyjjLupq7HQBVK0n7FsQskQXpD29SJ62wybR9CK7niTem1CfFhh7DsMcwl8oFNc2aEBpMhi_TiEzk3eTRRwCybpvD18TriUYyy7WkyoYujr39uwJ5kpmoVz64R8WO6rGvUQ3eDYjSYjUrWNHVSK2CqrmY4Vo5dlA5pj91JC1gOUZx_oulO6pfOnoZYfIehBPTBUHvHEkdRuwaE0ca-cwaoWjRS1__pqV0OfYDGPsK-UHDwJxPzzWZZwwD9Jb1yMok0n6USthoC3zacDpaf9vpTYK-i95Jz6j-D_NBWu0T9wmie3hByvOyzg7-3ISXG6t3cU79ObjzvV2Z8UPAgGlbNTxpdprt-7VfoYUjvsl_8S_crJJanjfFa5tgtCF5sCa80zBnR_wlqq6fHbynUK5xIX5Bo7aaVlHZtLfC5GaTd_GzU_mi9JQ0V_64s0CRmyML2rXAevY87OD5MiBmHlVwQOdOwT1u5VC9_SWA7avp2Rm0Zd2RyM0BBlBoOKUts-JDNp1ONXUZ4321NSjDukiL6hVJTnX4R5f4TCF1RRTBH_GzXuaKnLsMTNqT3V-POdfkd2rEXGr4paw6UqXrjLS9AqyYsPnJXPGljYAeIWzH1Pe5dywnYuFKolU3gOhop1mc30dSNKXp3-TKxcl5ne4B2aAtqA93JhE
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:49 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b2677bf2302db3d05e84bc45d6382a5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2FFs9JWPoKSfq1mLwOI1xLsFFnt4a3jHqSomPvO%2B34QXMG0TEEfVCX1B%2FcE5RC0OHvVkZAC3XkCbXUSl9meT3AzT4JRUrtG9MuQwIa09fyPF780fWLI2Lq%2F94RlMN0NEMdyISa9xatskKmEexp%2FgaGOZcLhG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 88027cf30acf0857-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.6f84e775.chunk.js Show response
onboarding.athelas.com/static/js/ 670 KB
210 KB 109ms
108ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.athelas.com/static/js/main.6f84e775.chunk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745d83007a53e5bfcd2a99f8dd2614ff2d6436751eb2128af7a38d99206bea7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://onboarding.athelas.com/patient_pay?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZmlyc3RfbmFtZSI6IktSSVNUQSIsImxhc3RfbmFtZSI6IkJPRFJFUk8iLCJzaXRlX2xvZ29fdXJsIjoiaHR0cHM6Ly9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL25vcm1hbmR5X3NpdGVfbG9nb3MvbG9nb3MvLTEvcGF0aWVudF9wYXlfbG9nby5qcGciLCJzaXRlX25hbWUiOiJDYWNoZSBWYWxsZXkgV29tZW5zIENlbnRlciIsInNpdGVfaWQiOjI2NSwicGF0aWVudF9yZXNwb25zaWJpbGl0eV9pZHMiOlszOTk3MDgsNDQ4MzM3LDUwMzYyOCw2NjcwOTNdLCJhbW91bnRfZHVlX2NlbnRzIjoxODAwMCwiYXBwbHlfY3JlZGl0cyI6ZmFsc2UsImFwcGx5X2ZlZXMiOnRydWUsImJhdGNoX2lkIjoiYXV0b19zZW5kX2JhdGNoXzU2MTQ5MzA4LWJkZWItNDM2NC05YjMyLWJkZDI2MjFkOWY0MSIsImRlcGVuZGVudF9wYXRpZW50cyI6bnVsbCwibm90ZV9pZCI6bnVsbCwiZ2lmdF9jYXJkX2lkIjpudWxsLCJjcmVkaXRzX2Rpc3RyaWJ1dGlvbiI6bnVsbH0.MU8PLOVksA8MyjjLupq7HQBVK0n7FsQskQXpD29SJ62wybR9CK7niTem1CfFhh7DsMcwl8oFNc2aEBpMhi_TiEzk3eTRRwCybpvD18TriUYyy7WkyoYujr39uwJ5kpmoVz64R8WO6rGvUQ3eDYjSYjUrWNHVSK2CqrmY4Vo5dlA5pj91JC1gOUZx_oulO6pfOnoZYfIehBPTBUHvHEkdRuwaE0ca-cwaoWjRS1__pqV0OfYDGPsK-UHDwJxPzzWZZwwD9Jb1yMok0n6USthoC3zacDpaf9vpTYK-i95Jz6j-D_NBWu0T9wmie3hByvOyzg7-3ISXG6t3cU79ObjzvV2Z8UPAgGlbNTxpdprt-7VfoYUjvsl_8S_crJJanjfFa5tgtCF5sCa80zBnR_wlqq6fHbynUK5xIX5Bo7aaVlHZtLfC5GaTd_GzU_mi9JQ0V_64s0CRmyML2rXAevY87OD5MiBmHlVwQOdOwT1u5VC9_SWA7avp2Rm0Zd2RyM0BBlBoOKUts-JDNp1ONXUZ4321NSjDukiL6hVJTnX4R5f4TCF1RRTBH_GzXuaKnLsMTNqT3V-POdfkd2rEXGr4paw6UqXrjLS9AqyYsPnJXPGljYAeIWzH1Pe5dywnYuFKolU3gOhop1mc30dSNKXp3-TKxcl5ne4B2aAtqA93JhE
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:49 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b1f2eed333791bd481f4d3b13cc4a2c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yIWvRcE1s2QfEkDXiWH4PMWvpHp5DEaxncVNubQfxJesMAemQ8n%2F5eUX4qyheWXYLLXMlkt3sy%2FeMrvjEv3Ls9gX9XbjpbJYBGzQUe4RjiK6YCgnYHNz5cuOHSMwabPHGgsopbRl%2BOHcfNfzap32J%2FWGq4%2BT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 88027cf30ad10857-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 98ms
37ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@400;600;800&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80d89c389c22899faf59967d681288e8e32b6dd5080af76e40e5ac015ebf2cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://onboarding.athelas.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 May 2024 16:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 May 2024 16:05:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 May 2024 16:11:49 GMT

GET
H2 200 e4d7ac7f-16a9-46fa-8a97-ba47d7a7e154 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 375ms
47ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/e4d7ac7f-16a9-46fa-8a97-ba47d7a7e154

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e4d7ac7f-16a9-46fa-8a97-ba47d7a7e154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ffd0e494479ecb5446891cab4b7d50c9f834548aa02b60618646fdce5ab6f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://onboarding.athelas.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:50 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 25
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8800e6fea893533f-SEA, 8800e6fea893533f-SEA
x-runtime: 0.003794
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3ffd0e494479ecb5446891cab4b7d50c"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DYOS6Ep36SKPph1qHJ1oqr%2Ff%2BJuB%2FyRGZf0DrGJ7aw06QFbCQbn5Nt%2F5BQH3bnXxWpN60pBmUrQVcq5DNaGk7OrVcWgMARogL8QeRd3WrnyzsxbMCF3FvY%2BIPIwgA9NWqVA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 88027cf5db74bbe5-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 279ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JPYRSMV841&gtm=45je4510v884878155za200&_p=1715098309710&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2050775256.1715098310&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1715098309&sct=1&seg=0&dl=https%3A%2F%2Fonboarding.athelas.com%2Fpatient_pay%3Ftoken%3DeyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZmlyc3RfbmFtZSI6IktSSVNUQSIsImxhc3RfbmFtZSI6IkJPRFJFUk8iLCJzaXRlX2xvZ29fdXJsIjoiaHR0cHM6Ly9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL25vcm1hbmR5X3NpdGVfbG9nb3MvbG9nb3MvLTEvcGF0aWVudF9wYXlfbG9nby5qcGciLCJzaXRlX25hbWUiOiJDYWNoZSBWYWxsZXkgV29tZW5zIENlbnRlciIsInNpdGVfaWQiOjI2NSwicGF0aWVudF9yZXNwb25zaWJpbGl0eV9pZHMiOlszOTk3MDgsNDQ4MzM3LDUwMzYyOCw2NjcwOTNdLCJhbW91bnRfZHVlX2NlbnRzIjoxODAwMCwiYXBwbHlfY3JlZGl0cyI6ZmFsc2UsImFwcGx5X2ZlZXMiOnRydWUsImJhdGNoX2lkIjoiYXV0b19zZW5kX2JhdGNoXzU2MTQ5MzA4LWJkZWItNDM2NC05YjMyLWJkZDI2MjFkOWY0MSIsImRlcGVuZGVudF9wYXRpZW50cyI6bnVsbCwibm90ZV9pZCI6bnVsbCwiZ2lmdF9jYXJkX2lkIjpudWxsLCJjcmVkaXRzX2Rpc3RyaWJ1dGlvbiI6bnVsbH0.MU8PLOVksA8MyjjLupq7HQBVK0n7FsQskQXpD29SJ62wybR9CK7niTem1CfFhh7DsMcwl8oFNc2aEBpMhi_TiEzk3eTRRwCybpvD18TriUYyy7WkyoYujr39uwJ5kpmoVz64R8WO6rGvUQ3eDYjSYjUrWNHVSK2CqrmY4Vo5dlA5pj91JC1gOUZx_oulO6pfOnoZYfIehBPTBUHvHEkdRuwaE0ca-cwaoWjRS1__pqV0OfYDGPsK-UHDwJxPzzWZZwwD9Jb1yMok0n6USthoC3zacDpaf9vpTYK-i95Jz6j-D_NBWu0T9wmie3hByvOyzg7-3ISXG6t3cU79ObjzvV2Z8UPAgGlbNTxpdprt-7VfoYUjvsl_8S_crJJanjfFa5tgtCF5sCa80zBnR_wlqq6fHbynUK5xIX5Bo7aaVlHZtLfC5GaTd_GzU_mi9JQ0V_64s0CRmyML2rXAevY87OD5MiBmHlVwQOdOwT1u5VC9_SWA7avp2Rm0Zd2RyM0BBlBoOKUts-JDNp1ONXUZ4321NSjDukiL6hVJTnX4R5f4TCF1RRTBH_GzXuaKnLsMTNqT3V-POdfkd2rEXGr4paw6UqXrjLS9AqyYsPnJXPGljYAeIWzH1Pe5dywnYuFKolU3gOhop1mc30dSNKXp3-TKxcl5ne4B2aAtqA93JhE&dt=Athelas%20Onboarding&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1054
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JPYRSMV841
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://onboarding.athelas.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 16:11:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onboarding.athelas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
api.athelas.com/tracking/ 2 B
99 B 169ms
168ms Fetch
text/html 35.190.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.athelas.com/tracking/track

Requested by

Host: onboarding.athelas.com
URL: https://onboarding.athelas.com/static/js/2.7a2b627c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

38.40.190.35.bc.googleusercontent.com

Software

nginx/1.14.2 /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://onboarding.athelas.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 May 2024 16:11:50 GMT
content-security-policy: default-src 'self'
athelas_execution_time_in_ms: 20
x-content-type-options: nosniff
interface-version: 1.20.3
strict-transport-security: max-age=31556926; includeSubDomains
via: 1.1 google
client: clinic-dashboard
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.14.2
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://onboarding.athelas.com
access-control-expose-headers: Client, Interface-Version
x-content-security-policy: default-src 'self'

GET
H2 200 v3 Show response
js.stripe.com/ 603 KB
148 KB 124ms
29ms Script
text/javascript 18.245.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: onboarding.athelas.com
URL: https://onboarding.athelas.com/static/js/2.7a2b627c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-115.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

510c3dc627544f53ea89400f6775cd6004a67157818d2d6d87206022b1b09595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://onboarding.athelas.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:08 GMT
content-encoding: br
via: 1.1 f9b794511293751fa3df3ec945ab397e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 43
x-amz-cf-pop: FRA56-P9
x-cache: Hit from cloudfront
last-modified: Mon, 06 May 2024 20:37:52 GMT
server: Cloudfront
etag: W/"dca20f22e6f5085d1daf76522c8fea35"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: pg_RoInKTIrmIhr5jH74TBfK_7J1iyW-q5QZ8FwWcU3tRpQ9jBwg4g==

OPTIONS
H2 200 track
api.athelas.com/tracking/ Frame 0
0 257ms
154ms Preflight
text/html 35.190.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.athelas.com/tracking/track

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

38.40.190.35.bc.googleusercontent.com

Software

nginx/1.14.2 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://onboarding.athelas.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://onboarding.athelas.com
access-control-expose-headers: Client, Interface-Version
access-control-max-age: 3600
allow: OPTIONS, POST
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
client: clinic-dashboard
content-length: 0
content-security-policy: default-src 'self'
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 16:11:50 GMT
interface-version: 1.20.3
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.14.2
strict-transport-security: max-age=31556926; includeSubDomains
vary: Origin
via: 1.1 google
x-content-security-policy: default-src 'self'
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
rcm-api.athelas.com/v1/track/ 4 B
97 B 153ms
153ms XHR
application/json 34.110.230.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rcm-api.athelas.com/v1/track/
Requested by: Host: onboarding.athelas.com
URL: https://onboarding.athelas.com/static/js/2.7a2b627c.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.230.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.230.110.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://onboarding.athelas.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:50 GMT
via: 1.1 google
server: uvicorn
vary: Authorization,Origin
content-type: application/json
access-control-allow-origin: https://onboarding.athelas.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
x-process-time: 0.008408546447753906

OPTIONS
H2 200 /
rcm-api.athelas.com/v1/track/ Frame 0
0 216ms
151ms Preflight
text/plain 34.110.230.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rcm-api.athelas.com/v1/track/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.230.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.230.110.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://onboarding.athelas.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://onboarding.athelas.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 07 May 2024 16:11:50 GMT
server: uvicorn
vary: Authorization,Origin
via: 1.1 google
x-process-time: 0.002171754837036133

GET
BLOB 200
OK 69118c80-e9a2-4b24-bf39-36408c1083ae
https://onboarding.athelas.com/ 46 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onboarding.athelas.com/69118c80-e9a2-4b24-bf39-36408c1083ae
Requested by: Host: onboarding.athelas.com
URL: https://onboarding.athelas.com/patient_pay?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZmlyc3RfbmFtZSI6IktSSVNUQSIsImxhc3RfbmFtZSI6IkJPRFJFUk8iLCJzaXRlX2xvZ29fdXJsIjoiaHR0cHM6Ly9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL25vcm1hbmR5X3NpdGVfbG9nb3MvbG9nb3MvLTEvcGF0aWVudF9wYXlfbG9nby5qcGciLCJzaXRlX25hbWUiOiJDYWNoZSBWYWxsZXkgV29tZW5zIENlbnRlciIsInNpdGVfaWQiOjI2NSwicGF0aWVudF9yZXNwb25zaWJpbGl0eV9pZHMiOlszOTk3MDgsNDQ4MzM3LDUwMzYyOCw2NjcwOTNdLCJhbW91bnRfZHVlX2NlbnRzIjoxODAwMCwiYXBwbHlfY3JlZGl0cyI6ZmFsc2UsImFwcGx5X2ZlZXMiOnRydWUsImJhdGNoX2lkIjoiYXV0b19zZW5kX2JhdGNoXzU2MTQ5MzA4LWJkZWItNDM2NC05YjMyLWJkZDI2MjFkOWY0MSIsImRlcGVuZGVudF9wYXRpZW50cyI6bnVsbCwibm90ZV9pZCI6bnVsbCwiZ2lmdF9jYXJkX2lkIjpudWxsLCJjcmVkaXRzX2Rpc3RyaWJ1dGlvbiI6bnVsbH0.MU8PLOVksA8MyjjLupq7HQBVK0n7FsQskQXpD29SJ62wybR9CK7niTem1CfFhh7DsMcwl8oFNc2aEBpMhi_TiEzk3eTRRwCybpvD18TriUYyy7WkyoYujr39uwJ5kpmoVz64R8WO6rGvUQ3eDYjSYjUrWNHVSK2CqrmY4Vo5dlA5pj91JC1gOUZx_oulO6pfOnoZYfIehBPTBUHvHEkdRuwaE0ca-cwaoWjRS1__pqV0OfYDGPsK-UHDwJxPzzWZZwwD9Jb1yMok0n6USthoC3zacDpaf9vpTYK-i95Jz6j-D_NBWu0T9wmie3hByvOyzg7-3ISXG6t3cU79ObjzvV2Z8UPAgGlbNTxpdprt-7VfoYUjvsl_8S_crJJanjfFa5tgtCF5sCa80zBnR_wlqq6fHbynUK5xIX5Bo7aaVlHZtLfC5GaTd_GzU_mi9JQ0V_64s0CRmyML2rXAevY87OD5MiBmHlVwQOdOwT1u5VC9_SWA7avp2Rm0Zd2RyM0BBlBoOKUts-JDNp1ONXUZ4321NSjDukiL6hVJTnX4R5f4TCF1RRTBH_GzXuaKnLsMTNqT3V-POdfkd2rEXGr4paw6UqXrjLS9AqyYsPnJXPGljYAeIWzH1Pe5dywnYuFKolU3gOhop1mc30dSNKXp3-TKxcl5ne4B2aAtqA93JhE
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 46922
Content-Type

GET
H2 200 xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v15/ 24 KB
24 KB 76ms
23ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@400;600;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://onboarding.athelas.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 20:31:46 GMT
x-content-type-options: nosniff
age: 70804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24376
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 May 2025 20:31:46 GMT

GET
H2 200 web-widget-main-2c036c6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 0746 450 KB
140 KB 61ms
60ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-2c036c6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e4d7ac7f-16a9-46fa-8a97-ba47d7a7e154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c8ff7823f171506f3769d5e6e006043121da0aba0f3e1ba7516ce9cdaa90c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:50 GMT
x-amz-version-id: rVVgZJdia.L6xrLAdLPu.LRa6Q7msFry
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ZKNQ9932E29QMKCH
age: 17469
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: YZFMz9TYoE3mH8Dc4CTAczM0V9uEn6cbIDyf/23gTOTazwAMF8wl9/nMFaZEVsAmCl/EVYWNt+0oSQU/Ec6Ptw==
last-modified: Wed, 17 Apr 2024 07:26:24 GMT
server: cloudflare
etag: W/"73a364e37b75f906050ab2cbf45bce1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5stYiezLgvx3iMBXjxWISjpc%2FSPRkzXgA16NC69fxmFD9d9Xr0Lb0%2B4ZaGoUXaawKEKYYAA2Hal2g00PEWu1dsNlcwT2Exq%2B5WB0DnMiK%2BPTiVBRMqhY%2BE99H%2BRVO4uCWOws%2BAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88027cf67dd519ad-FRA
access-control-allow-headers: *
expires: Thu, 17 Apr 2025 07:26:23 GMT

GET
H2 200 controller-with-preconnect-d5d04e12b590b912b9e630496bb99ce3.html
js.stripe.com/v3/ Frame 445F 0
0 80ms
24ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-d5d04e12b590b912b9e630496bb99ce3.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://onboarding.athelas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 51
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 229
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 16:11:50 GMT
etag: "d5d04e12b590b912b9e630496bb99ce3"
last-modified: Mon, 06 May 2024 20:02:36 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 17
x-content-type-options: nosniff
x-request-id: 185febc8-5834-4400-98d1-a1ad3484e997
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 en-us-json-2c036c6.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 0746 18 KB
4 KB 45ms
44ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-2c036c6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-2c036c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

076bfec89e7da7a1a1a2dad8dbf3b7b7966b969a71ac71008e159b578c388381

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:50 GMT
x-amz-version-id: dF1emRoZzP7OFVlBDHJaGVRRzy_B64K9
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ZKNWP4HPNEMZF3PG
age: 17469
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 8TrcB0o7gdNY2d/nv4+0MqpOQ2JmSo8z0YYKMP7plsjKuVSv0Jtj/yMxTOXeajPlp6HluUKVeF4=
last-modified: Wed, 17 Apr 2024 07:26:26 GMT
server: cloudflare
etag: W/"c138cda822782aae92a91e1f8c39fc32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DbwS2QTdAF%2FZvFQ4oRMu9WmnfrSjwFv9OUhfhL7FOoyl6bDaRDv2IcaahC20eQS%2BBssexWOcPYlehshN22y5YmGFBWSfnwvepzYJlEF1wYigI9NMlm%2FLcDCiscaMiQKQzpsRAvw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88027cf74efd19ad-FRA
access-control-allow-headers: *
expires: Thu, 17 Apr 2025 07:26:25 GMT

GET
H2 200 web-widget-84852-2c036c6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 0746 139 KB
47 KB 47ms
47ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-2c036c6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-2c036c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e66e9e0525b7a7a4658edba07661dcf6c6cb3928f966cde5f3e0f53fa1deb71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:50 GMT
x-amz-version-id: eRqvGsJ7xx9TP98zpQ2efFXFRrMsS0jc
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ZKNHMRH7K1MQ98MM
age: 17469
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: VQQUU6fm/1pD2xgPSvIiLo9OrA7VypHHmW+R2+l7PzYfeHNzssXsEXHWNLrEk60+pKYGYHG8OMc=
last-modified: Wed, 17 Apr 2024 07:26:22 GMT
server: cloudflare
etag: W/"e4e7aad221ba7d1077b83221a7f7a4fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrnrehrKZQGE9iQDjiMozmD4TNrWcpZRVN%2BN9Pq%2F0FaKvd401VPWdIdQImAi5s1NPQ0jgMsVqRXlOy8vWknkxZIh1Q%2FK7NOw3XS7gzJxpmWOQnQ%2Fmm0XCQcOYdiqkHgmMGz9Qsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88027cf74efe19ad-FRA
access-control-allow-headers: *
expires: Thu, 17 Apr 2025 07:26:21 GMT

GET
H2 200 web-widget-9527-2c036c6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 0746 29 KB
11 KB 53ms
53ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9527-2c036c6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-2c036c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:50 GMT
x-amz-version-id: rhXGpQwCHF5F_QCem.gTVBICyJ4Sd3hW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ZKNJN084QG6WQ3Z9
age: 17469
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: h8oG+d7ilA4vqqYqMv3xdz+wSpXJ/qd9m16p3IUpyEJORBCD55ej3yUowrPoRyKII1Z2fCMNwWE=
last-modified: Wed, 17 Apr 2024 07:26:24 GMT
server: cloudflare
etag: W/"083d4fe56f4013855997ad6d21392f69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xvtl5aK2NLPz3BmkL%2F3H6%2FdteVvY8knqhVfvqht4KjCq6jTmorZ5m8o5BaPlr20RzfWxtDC9aOZU4kLAv6SOY%2BFwO77Ntms%2FQFQ2Qc3dlbBRB4DfbwDobPGA886%2BSSrACrNW7p4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88027cf74f0119ad-FRA
access-control-allow-headers: *
expires: Thu, 17 Apr 2025 07:26:23 GMT

GET
H2 200 web-widget-92795-2c036c6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 0746 14 KB
4 KB 42ms
42ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-92795-2c036c6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-2c036c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e6a4d9e16ce4da30f229293ef16fbdd906a6d7579d9090e6c83236db665c18c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:50 GMT
x-amz-version-id: fqOO61af1tfmOUzLXQC6GjhgORcDbswR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ZKNQGM51ECEVC5GG
age: 17469
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 9d2vaRef6hNME0jGQ+bDlbqYs5UX2PErT/eUMON4tT4rUxaMaSpSP15FEjPXNBYUcT/lwDZ15oYfybyj+oSOPA==
last-modified: Wed, 17 Apr 2024 07:26:23 GMT
server: cloudflare
etag: W/"8dacd87b4c48f734bef8b1d2179cf0a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pf7KvGlUMpOaZI1V6OmscYICHIERn5LTfzZ0vzIRlE8n45moLt2OaeuYN%2Fabd2GuQejRtqMMxYfUWTTo7h%2FbuSIZTaaz5%2FsaTpgPnWTDwc9Dmi2STWbdEL6leWApVPe4Pd5QaLE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88027cf74f0719ad-FRA
access-control-allow-headers: *
expires: Thu, 17 Apr 2025 07:26:22 GMT

GET
H2 200 web-widget-15178-2c036c6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 0746 12 KB
5 KB 40ms
39ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-15178-2c036c6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-2c036c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6d6b877a6e65b87c7eaada4f2e8ee780d5749e21a0b31a42dd843f50b74cf03

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:50 GMT
x-amz-version-id: 5MQYkcBwXxZ5dABNKLVTPMBNDJSPj4Kf
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ZKNQ4K09ARD5TV78
age: 17469
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 8WINwYwHZoe/Au2hiLBdGn01hUsdWoKhHIl4HhB6xYw9voZHvmbV2D7tSZ6RD+8Kb6hobHnHGww=
last-modified: Wed, 17 Apr 2024 07:26:16 GMT
server: cloudflare
etag: W/"30cd804708caa9949248913ba8f11137"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B03UqMkwJrfmrVMRSK9RKomqTmpDJFlC15qZ8JzOgEaM3kiSdkPzsTHQh%2BlkuxVIa6O5qFNG7LhhOMSEVVRAf9bheRJgVz9gU3uFFm%2B%2B7eKlxMRXU8RDIDtVMpqG6pO5M0GzPJY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88027cf74f0819ad-FRA
access-control-allow-headers: *
expires: Thu, 17 Apr 2025 07:26:15 GMT

GET
H2 200 web-widget-59535-2c036c6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 0746 15 KB
6 KB 39ms
38ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-59535-2c036c6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-2c036c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49c6b066c7794e32489b24de0b9269cdbd3a18ad9cb32552cb60f25d3123c972

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:50 GMT
x-amz-version-id: iwk5TUt1l6g_5iiKsnSUNvmCwEztbMSl
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ZKNPE9SWPNWDTXQK
age: 17469
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ujG1j7W15UMdRZwUjhiQUzZl/hckhI3YfsUkEpgZX5DtMLe1F8rjNWdiQx+saEBOz52vG4SzqhY=
last-modified: Wed, 17 Apr 2024 07:26:20 GMT
server: cloudflare
etag: W/"d872b805dfde20482fe32889700afdc1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JpIlUBS01NtUkOixYuoW3qQYO5MNkClwb7LzTGRvH%2Fy167aqmdfBkShjpNPXE3N%2Fi1Este%2FN1uTk4zYkYvPZoF9B%2FiACEb1ElY%2BOcF48I4%2FJpT3l3uirtCOtiOl6LG7NWwiRXYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88027cf74f0a19ad-FRA
access-control-allow-headers: *
expires: Thu, 17 Apr 2025 07:26:19 GMT

OPTIONS
H2 204 pv
athelas.zendesk.com/frontendevents/ Frame 0
0 659ms
569ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://athelas.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://onboarding.athelas.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 88027cf83ae39741-FRA
date: Tue, 07 May 2024 16:11:50 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=icxCQetCQ1u6JZylI5mlIb%2Be2296JiOZF2JNiTQ50rAx06yzqzJ7fg5MBLFy9OTal3MFLszj6dnGL3euIN3OHaoBALdQ3nHP7iji2bYR9N%2BDZPDZ%2BmJsDw7UX7ZueEbOl%2B6ZIwU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 88027cf83ae39741-FRA
x-zendesk-zorg: yes

POST
H2 200 pv
athelas.zendesk.com/frontendevents/ Frame 0746 0
0 208ms
208ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://athelas.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-2c036c6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 May 2024 16:11:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bV1%2BFdXHXsegj%2FCmutDVCavittQTd1lzcwkXwc1lnxbEq1zeixyymPd2XKzx53x%2FSQu0%2FwCDoLSd7ZI452HhHFVjsaOWmm4m%2B6nFOqEgmiQ7OoaJyk12JFuCawMTO2QHdrAuFrg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 88027cfbbff79741-FRA
content-length: 0
x-request-id: 88027cfbbff79741-FRA

GET
H2 200 config Show response
athelas.zendesk.com/embeddable/ Frame 0746 850 B
1 KB 168ms
80ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://athelas.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-2c036c6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 345e88f0156557dc9c8c887897860729be56615ea7bee761e04daa97169a0935

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 24
x-zendesk-origin-server: embeddable-app-server-6b5dd86575-2zh8s
x-cached: MISS
x-runtime: 0.002963
last-modified: Tue, 07 May 2024 16:11:26 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ugsaYuxAY3BBTdiHwK0MknEIV2z0kypH3MXFP9Vw7WGdoVeP6QQb%2FwL4Bdtzskz4pMfsogWCws0stC2%2FlhnEpXqHzZIZOyYpF1XRDjozWgU3lUfZ%2BvWrM6kc6c9GhG3WH0GVPzI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 88027cf83ae29741-FRA

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 973B 0
0 24ms
24ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://onboarding.athelas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 665781
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 16:11:50 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 153830
x-content-type-options: nosniff
x-request-id: c86da037-4572-4774-b00e-0b7038f46341
x-served-by: cache-fra-etou8220148-FRA

GET
H3 200 favicon.ico
onboarding.athelas.com/ 5 KB
2 KB 70ms
70ms Other
image/vnd.microsoft.icon 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.athelas.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae5f2df8f91c930d8895910246c3e02f2cf610dda2c49ee40117c16d79211ec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://onboarding.athelas.com/patient_pay?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZmlyc3RfbmFtZSI6IktSSVNUQSIsImxhc3RfbmFtZSI6IkJPRFJFUk8iLCJzaXRlX2xvZ29fdXJsIjoiaHR0cHM6Ly9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL25vcm1hbmR5X3NpdGVfbG9nb3MvbG9nb3MvLTEvcGF0aWVudF9wYXlfbG9nby5qcGciLCJzaXRlX25hbWUiOiJDYWNoZSBWYWxsZXkgV29tZW5zIENlbnRlciIsInNpdGVfaWQiOjI2NSwicGF0aWVudF9yZXNwb25zaWJpbGl0eV9pZHMiOlszOTk3MDgsNDQ4MzM3LDUwMzYyOCw2NjcwOTNdLCJhbW91bnRfZHVlX2NlbnRzIjoxODAwMCwiYXBwbHlfY3JlZGl0cyI6ZmFsc2UsImFwcGx5X2ZlZXMiOnRydWUsImJhdGNoX2lkIjoiYXV0b19zZW5kX2JhdGNoXzU2MTQ5MzA4LWJkZWItNDM2NC05YjMyLWJkZDI2MjFkOWY0MSIsImRlcGVuZGVudF9wYXRpZW50cyI6bnVsbCwibm90ZV9pZCI6bnVsbCwiZ2lmdF9jYXJkX2lkIjpudWxsLCJjcmVkaXRzX2Rpc3RyaWJ1dGlvbiI6bnVsbH0.MU8PLOVksA8MyjjLupq7HQBVK0n7FsQskQXpD29SJ62wybR9CK7niTem1CfFhh7DsMcwl8oFNc2aEBpMhi_TiEzk3eTRRwCybpvD18TriUYyy7WkyoYujr39uwJ5kpmoVz64R8WO6rGvUQ3eDYjSYjUrWNHVSK2CqrmY4Vo5dlA5pj91JC1gOUZx_oulO6pfOnoZYfIehBPTBUHvHEkdRuwaE0ca-cwaoWjRS1__pqV0OfYDGPsK-UHDwJxPzzWZZwwD9Jb1yMok0n6USthoC3zacDpaf9vpTYK-i95Jz6j-D_NBWu0T9wmie3hByvOyzg7-3ISXG6t3cU79ObjzvV2Z8UPAgGlbNTxpdprt-7VfoYUjvsl_8S_crJJanjfFa5tgtCF5sCa80zBnR_wlqq6fHbynUK5xIX5Bo7aaVlHZtLfC5GaTd_GzU_mi9JQ0V_64s0CRmyML2rXAevY87OD5MiBmHlVwQOdOwT1u5VC9_SWA7avp2Rm0Zd2RyM0BBlBoOKUts-JDNp1ONXUZ4321NSjDukiL6hVJTnX4R5f4TCF1RRTBH_GzXuaKnLsMTNqT3V-POdfkd2rEXGr4paw6UqXrjLS9AqyYsPnJXPGljYAeIWzH1Pe5dywnYuFKolU3gOhop1mc30dSNKXp3-TKxcl5ne4B2aAtqA93JhE
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 16:11:50 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ab0cef93de776daf23f2bbca10dfcca9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rvxWroniATH7xVLi4myTpx5PmKiJ%2BAU01k4InEBjja3UiFenjnnU1NfWqI6XHL5NJhCwasw5GLjNK2YUKhE8XfsK39jFgndqzSpSBycerodPS7eiiyGCf5IMvXFW5FbvqOY0l0rGpGnoBKjp1PQV1NDYydu5"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 88027cf9ca9c0857-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 / Show response
o4504923185020928.ingest.sentry.io/api/4505247665160192/envelope/ 41 B
348 B 116ms
48ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4504923185020928.ingest.sentry.io/api/4505247665160192/envelope/?sentry_key=96c6d9c8e9714af5a95dd4572b56873a&sentry_version=7&sentry_client=sentry.javascript.react%2F7.53.1

Requested by

Host: onboarding.athelas.com
URL: https://onboarding.athelas.com/static/js/2.7a2b627c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5a5d12cd6eda259718780f602a5e4781c54bc5a8bdc4e46e3c209eb490ec5fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://onboarding.athelas.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 May 2024 16:11:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.athelas.com/	1970-01-21 06:00:58	Name: _ga Value: GA1.1.2050775256.1715098310
.athelas.com/	1970-01-21 06:00:58	Name: _ga_JPYRSMV841 Value: GS1.1.1715098309.1.0.1715098309.0.0.0
m.stripe.com/	1970-01-21 06:00:58	Name: m Value: 753ffbf3-ae57-4af1-a730-15b69cf2849d111214
.onboarding.athelas.com/	1970-01-21 05:10:34	Name: __stripe_mid Value: 8129bde8-7b75-4129-8ede-a7e50baa9651cbb994
.onboarding.athelas.com/	1970-01-20 20:25:00	Name: __stripe_sid Value: d0ebb071-1aad-4566-a55b-26e2e9c3cd3b9fb4f2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://onboarding.athelas.com/patient_pay?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjQxNDc0NywiZmlyc3RfbmFtZSI6IktSSVNUQSIsImxhc3RfbmFtZSI6IkJPRFJFUk8iLCJzaXRlX2xvZ29fdXJsIjoiaHR0cHM6Ly9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL25vcm1hbmR5X3NpdGVfbG9nb3MvbG9nb3MvLTEvcGF0aWVudF9wYXlfbG9nby5qcGciLCJzaXRlX25hbWUiOiJDYWNoZSBWYWxsZXkgV29tZW5zIENlbnRlciIsInNpdGVfaWQiOjI2NSwicGF0aWVudF9yZXNwb25zaWJpbGl0eV9pZHMiOlszOTk3MDgsNDQ4MzM3LDUwMzYyOCw2NjcwOTNdLCJhbW91bnRfZHVlX2NlbnRzIjoxODAwMCwiYXBwbHlfY3JlZGl0cyI6ZmFsc2UsImFwcGx5X2ZlZXMiOnRydWUsImJhdGNoX2lkIjoiYXV0b19zZW5kX2JhdGNoXzU2MTQ5MzA4LWJkZWItNDM2NC05YjMyLWJkZDI2MjFkOWY0MSIsImRlcGVuZGVudF9wYXRpZW50cyI6bnVsbCwibm90ZV9pZCI6bnVsbCwiZ2lmdF9jYXJkX2lkIjpudWxsLCJjcmVkaXRzX2Rpc3RyaWJ1dGlvbiI6bnVsbH0.MU8PLOVksA8MyjjLupq7HQBVK0n7FsQskQXpD29SJ62wybR9CK7niTem1CfFhh7DsMcwl8oFNc2aEBpMhi_TiEzk3eTRRwCybpvD18TriUYyy7WkyoYujr39uwJ5kpmoVz64R8WO6rGvUQ3eDYjSYjUrWNHVSK2CqrmY4Vo5dlA5pj91JC1gOUZx_oulO6pfOnoZYfIehBPTBUHvHEkdRuwaE0ca-cwaoWjRS1__pqV0OfYDGPsK-UHDwJxPzzWZZwwD9Jb1yMok0n6USthoC3zacDpaf9vpTYK-i95Jz6j-D_NBWu0T9wmie3hByvOyzg7-3ISXG6t3cU79ObjzvV2Z8UPAgGlbNTxpdprt-7VfoYUjvsl_8S_crJJanjfFa5tgtCF5sCa80zBnR_wlqq6fHbynUK5xIX5Bo7aaVlHZtLfC5GaTd_GzU_mi9JQ0V_64s0CRmyML2rXAevY87OD5MiBmHlVwQOdOwT1u5VC9_SWA7avp2Rm0Zd2RyM0BBlBoOKUts-JDNp1ONXUZ4321NSjDukiL6hVJTnX4R5f4TCF1RRTBH_GzXuaKnLsMTNqT3V-POdfkd2rEXGr4paw6UqXrjLS9AqyYsPnJXPGljYAeIWzH1Pe5dywnYuFKolU3gOhop1mc30dSNKXp3-TKxcl5ne4B2aAtqA93JhE Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.athelas.com
athelas.zendesk.com
cdn.jsdelivr.net
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
o4504923185020928.ingest.sentry.io
onboarding.athelas.com
r.athelas.com
rcm-api.athelas.com
region1.google-analytics.com
static.zdassets.com
www.googletagmanager.com
104.16.51.111
104.18.70.113
104.18.72.113
151.101.128.176
18.245.46.115
199.36.158.100
2001:4860:4802:32::36
2a00:1450:4001:812::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a04:4e42::485
2a06:98c1:3121::3
34.110.230.65
34.120.195.249
35.190.40.38
031dc46051a59b7531591cc6517ef768dd4dfba26c6164b8b2ab0a5c3763ee7e
049ca1cf123757148bd46b076bbd2a133bea348c6a357c5955e6682c1c2fa959
076bfec89e7da7a1a1a2dad8dbf3b7b7966b969a71ac71008e159b578c388381
0c8ff7823f171506f3769d5e6e006043121da0aba0f3e1ba7516ce9cdaa90c96
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
2ebdbd7a88a711a43fc51d48d4317580124b490a824c4a217d8ec5500b9569d4
3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc
345e88f0156557dc9c8c887897860729be56615ea7bee761e04daa97169a0935
3ffd0e494479ecb5446891cab4b7d50c9f834548aa02b60618646fdce5ab6f1c
49c6b066c7794e32489b24de0b9269cdbd3a18ad9cb32552cb60f25d3123c972
4aa1eb8c2cdb1b0188ed4b82440f757e5d9a11ef0aecdfd9956998653a6b0a37
4e66e9e0525b7a7a4658edba07661dcf6c6cb3928f966cde5f3e0f53fa1deb71
510c3dc627544f53ea89400f6775cd6004a67157818d2d6d87206022b1b09595
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a5d12cd6eda259718780f602a5e4781c54bc5a8bdc4e46e3c209eb490ec5fb2
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
745d83007a53e5bfcd2a99f8dd2614ff2d6436751eb2128af7a38d99206bea7b
80d89c389c22899faf59967d681288e8e32b6dd5080af76e40e5ac015ebf2cbe
8961d3ea9549719851a7ecbf62e4a9c8e8f726f7a0dfbd2b8cacd7bdf63cc56f
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62
9e6a4d9e16ce4da30f229293ef16fbdd906a6d7579d9090e6c83236db665c18c
ae5f2df8f91c930d8895910246c3e02f2cf610dda2c49ee40117c16d79211ec0
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d6b877a6e65b87c7eaada4f2e8ee780d5749e21a0b31a42dd843f50b74cf03

onboarding.athelas.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

97 %HTTPS

40 %IPv6

10 Domains

14 Subdomains

15 IPs

3 Countries

1734 kBTransfer

6113 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onboarding.athelas.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

97 %
HTTPS

40 %
IPv6

10
Domains

14
Subdomains

15
IPs

3
Countries

1734 kB
Transfer

6113 kB
Size

5
Cookies

32 HTTP transactions
0 data transactions